Date: Tue, 16 Sep 2003 10:14:14 +0200 From: Socketd <db@traceroute.dk> To: freebsd-security@freebsd.org Subject: Re: boot -s - can i detect intruder Message-ID: <20030916101414.54b145ca.db@traceroute.dk> In-Reply-To: <014001c37c39$956ec2f0$0d00a8c0@amkdrives.bg> References: <014001c37c39$956ec2f0$0d00a8c0@amkdrives.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 Sep 2003 11:02:05 +0100 "Nikolay Kanchev" <niki@amk-drives.bg> wrote: > Several people have physical access to my FreeBSD box and I have the > feeling that somebody try to get access with boot -s options . Can I > log activity after boot -s option (change user password, install > software and etc.). I use boot -s and change user password, but after > reboot i can't find this atcivity in log files. > The BSD box is shutdown and run again many time at day. Why not set console in /etc/ttys to insecure? Then you can't login without a password. br socketd
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030916101414.54b145ca.db>